blackbeard420/esp-idf
1
0
Fork 0
mirror of https://github.com/espressif/esp-idf synced 2025-03-10 09:39:10 -04:00
Code Issues Projects Releases Wiki Activity

mbedtls: disable support for RSASSA-PSS signatures

Browse Source 
This is a workaround for CVE-2018-0487.
Ref. https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2018-01
Ref. https://github.com/espressif/esp-idf/issues/1730
This commit is contained in:
Ivan Grokhotkov 2018-04-19 11:40:06 +08:00
parent 594e1b5e44
commit 0a97cb62ef
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
components/mbedtls/port/include/mbedtls/esp_config.h
View File

@ -926,7 +926,7 @@
*
* This enables support for RSAES-OAEP and RSASSA-PSS operations.
*/
#define MBEDTLS_PKCS1_V21
//#define MBEDTLS_PKCS1_V21
/**
* \def MBEDTLS_RSA_NO_CRT
@ -1420,7 +1420,7 @@
*
* Comment this macro to disallow using RSASSA-PSS in certificates.
*/
#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
//#define MBEDTLS_X509_RSASSA_PSS_SUPPORT
/**
* \def MBEDTLS_ZLIB_SUPPORT